

























@@ -27,6 +27,7 @@ type InstallScanFinding = {
2727file: string;
2828line: number;
2929message: string;
30+evidence?: string;
3031};
31323233type BuiltinInstallScan = {
@@ -339,6 +340,27 @@ function buildBuiltinScanFromSummary(summary: {
339340};
340341}
341342343+function rebuildBuiltinScanCounts(scan: BuiltinInstallScan): BuiltinInstallScan {
344+let critical = 0;
345+let warn = 0;
346+let info = 0;
347+for (const finding of scan.findings) {
348+if (finding.severity === "critical") {
349+critical += 1;
350+} else if (finding.severity === "warn") {
351+warn += 1;
352+} else {
353+info += 1;
354+}
355+}
356+return {
357+ ...scan,
358+ critical,
359+ warn,
360+ info,
361+};
362+}
363+342364const DEFAULT_PACKAGE_MANIFEST_TRAVERSAL_LIMITS: PackageManifestTraversalLimits = {
343365maxDepth: 64,
344366maxDirectories: 10_000,
@@ -540,6 +562,56 @@ async function collectNonOverlappingPackageScanRoots(packageDirs: string[]): Pro
540562return selectedRoots.map((selectedRoot) => selectedRoot.packageDir);
541563}
542564565+function normalizeRelativeScanPath(relativePath: string): string {
566+return relativePath.split(path.sep).join("/");
567+}
568+569+function isKnownBenignLanceDbFinding(params: {
570+finding: InstallScanFinding;
571+packageDir: string;
572+}): boolean {
573+const relativePath = normalizeRelativeScanPath(
574+path.relative(params.packageDir, params.finding.file),
575+);
576+const evidence = params.finding.evidence ?? "";
577+if (params.finding.ruleId === "dangerous-exec" && relativePath === "dist/native.js") {
578+return (
579+/child_process/.test(evidence) &&
580+/\bexecSync\(\s*['"](?:ldd --version|which ldd)['"]/.test(evidence)
581+);
582+}
583+if (
584+params.finding.ruleId === "dynamic-code-execution" &&
585+relativePath === "dist/embedding/transformers.js"
586+) {
587+return /\beval\(\s*['"]import\(["']@huggingface\/transformers["']\)['"]\s*\)/.test(evidence);
588+}
589+return false;
590+}
591+592+async function suppressKnownBenignInstalledDependencyFindings(params: {
593+builtinScan: BuiltinInstallScan;
594+packageDir: string;
595+}): Promise<BuiltinInstallScan> {
596+if (params.builtinScan.status !== "ok" || params.builtinScan.findings.length === 0) {
597+return params.builtinScan;
598+}
599+const manifest = await tryReadJson<PackageManifest>(path.join(params.packageDir, "package.json"));
600+if (manifest?.name !== "@lancedb/lancedb") {
601+return params.builtinScan;
602+}
603+const findings = params.builtinScan.findings.filter(
604+(finding) => !isKnownBenignLanceDbFinding({ finding, packageDir: params.packageDir }),
605+);
606+if (findings.length === params.builtinScan.findings.length) {
607+return params.builtinScan;
608+}
609+return rebuildBuiltinScanCounts({
610+ ...params.builtinScan,
611+ findings,
612+});
613+}
614+543615async function collectPackageManifestPaths(params: {
544616allowManagedNpmRootPackagePeerSymlinks?: boolean;
545617rootDir: string;
@@ -764,6 +836,7 @@ async function scanManifestDependencyDenylist(params: {
764836}
765837766838async function scanDirectoryTarget(params: {
839+deferBuiltinWarnings?: boolean;
767840excludeTestFiles?: boolean;
768841failOnTruncated?: boolean;
769842includeHiddenDirectories?: boolean;
@@ -793,7 +866,7 @@ async function scanDirectoryTarget(params: {
793866);
794867}
795868const builtinScan = buildBuiltinScanFromSummary(scanSummary);
796-if (params.suppressBuiltinWarnings) {
869+if (params.suppressBuiltinWarnings || params.deferBuiltinWarnings) {
797870return builtinScan;
798871}
799872if (scanSummary.critical > 0) {
@@ -1196,7 +1269,10 @@ export async function scanInstalledPackageDependencyTreeRuntime(params: {
11961269}
11971270const packageRealPath = await fs.realpath(packageDir).catch(() => path.resolve(packageDir));
11981271const isPluginRoot = packageRealPath === pluginRootRealPath;
1199-const builtinScan = await scanDirectoryTarget({
1272+const installedTreeSuspiciousMessage = `Plugin "{target}" installed tree has {count} suspicious code pattern(s). Run "openclaw security audit --deep" for details.`;
1273+const installedTreeWarningMessage = `WARNING: Plugin "${params.pluginId}" installed tree contains dangerous code patterns`;
1274+const rawBuiltinScan = await scanDirectoryTarget({
1275+deferBuiltinWarnings: true,
12001276excludeTestFiles: isPluginRoot,
12011277failOnTruncated: true,
12021278includeHiddenDirectories: true,
@@ -1206,10 +1282,27 @@ export async function scanInstalledPackageDependencyTreeRuntime(params: {
12061282maxFiles: remainingMaxFiles,
12071283path: packageDir,
12081284suppressBuiltinWarnings: params.trustedSourceLinkedOfficialInstall === true,
1209-suspiciousMessage: `Plugin "{target}" installed tree has {count} suspicious code pattern(s). Run "openclaw security audit --deep" for details.`,
1285+suspiciousMessage: installedTreeSuspiciousMessage,
12101286targetName: params.pluginId,
1211-warningMessage: `WARNING: Plugin "${params.pluginId}" installed tree contains dangerous code patterns`,
1287+warningMessage: installedTreeWarningMessage,
12121288});
1289+const builtinScan = await suppressKnownBenignInstalledDependencyFindings({
1290+builtinScan: rawBuiltinScan,
1291+ packageDir,
1292+});
1293+if (params.trustedSourceLinkedOfficialInstall !== true && builtinScan.status === "ok") {
1294+if (builtinScan.critical > 0) {
1295+params.logger.warn?.(
1296+`${installedTreeWarningMessage}: ${buildCriticalDetails({ findings: builtinScan.findings })}`,
1297+);
1298+} else if (builtinScan.warn > 0) {
1299+params.logger.warn?.(
1300+installedTreeSuspiciousMessage
1301+.replace("{count}", String(builtinScan.warn))
1302+.replace("{target}", params.pluginId),
1303+);
1304+}
1305+}
12131306const builtinBlocked = resolveBuiltinScanDecision({
12141307 builtinScan,
12151308logger: params.logger,
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。